Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-1975 | 1 Ibm | 1 Rational Doors Web Access | 2019-10-09 | 3.5 LOW | 5.4 MEDIUM |
IBM Rational DOORS Web Access 9.5.1 through 9.5.2.9, and 9.6 through 9.6.1.9 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 153916. | |||||
CVE-2011-2679 | 1 Ibm | 1 Rational Doors Web Access | 2017-08-28 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2011-2680 | 1 Ibm | 1 Rational Doors Web Access | 2017-08-28 | 10.0 HIGH | N/A |
Unspecified vulnerability in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 has unknown impact and remote attack vectors related to the "server error response." | |||||
CVE-2011-2681 | 1 Ibm | 1 Rational Doors Web Access | 2017-08-28 | 10.0 HIGH | N/A |
IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 does not properly handle exceptions, which has unspecified impact and remote attack vectors. | |||||
CVE-2011-2682 | 1 Ibm | 1 Rational Doors Web Access | 2017-08-28 | 4.0 MEDIUM | N/A |
The Login component in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 allows remote authenticated users to cause a denial of service (license consumption) by trying to login to DOORS Web Access with a new user account that has never been used for a DOORS login. |